CVE-2025-3716

Summary

User enumeration in ESET Protect (on-prem) via Response Timing.

Affected Software

VendorProductVersion RangeStatus
ESET, spol. s.r.oESET Protect (on-prem)12.1.1.0unaffected

Weaknesses

  • CWE-204: CWE-204 Observable response discrepancy

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References